﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;
using System.Web;

/// <summary>
/// Source : http://devproconnections.com/aspnet/aspnet-web-security-protect-user-passwords-hashing-and-salt
/// </summary>
public class Hashing
{
	public string HashingFunction(string password)
	{
		// TODO: Hasha
        string hashedPassword = password;                
        
        return hashedPassword;	
	}

    public String HashPassword(String password, String salt)
    {
        var combinedPassword = String.Concat(password, salt);
        var sha256 = new SHA256Managed();
        var bytes = UTF8Encoding.UTF8.GetBytes(combinedPassword);
        var hash = sha256.ComputeHash(bytes);
        return Convert.ToBase64String(hash);
    }

    public String GetRandomSalt(Int32 size = 12)
    {
        var random = new RNGCryptoServiceProvider();
        var salt = new Byte[size];
        random.GetBytes(salt);
        return Convert.ToBase64String(salt);
    }

    public Boolean ValidatePassword(String enteredPassword, String storedHash, String storedSalt)
    {
        var hash = HashPassword(enteredPassword, storedSalt);
        return String.Equals(storedHash, hash);
    }
}